RSS   Vulnerabilities for 'Blackberry link'   RSS

2015-07-19
 
CVE-2015-4111

 

 
mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file.

 
2013-11-17
 
CVE-2013-6798

 

 
BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not properly determine the user account for execution of Peer Manager in certain situations involving successive logins with different accounts, which allows context-dependent attackers to bypass intended restrictions on remote file-access folders via IPv6 WebDAV requests, a different vulnerability than CVE-2013-3694.

 
 
CVE-2013-3694

CWE-352
 

 
BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not require authentication for remote file-access folders, which allows remote attackers to read or create arbitrary files via IPv6 WebDAV requests, as demonstrated by a CSRF attack involving DNS rebinding.

 

 >>> Vendor: Blackberry 28 Products
Enterprise server
Unite
Blackberry tablet os
Qnx momentics tool suite
Qnx software development platform
Qnx neutrino rtos
Z10
Blackberry os
Blackberry enterprise service
Blackberry link
Blackberry universal device service
Enterprise server express
Blackberry z10
Q10
Q5
Z30
Blackberry world
Good enterprise mobility server
Enterprise service
VAPP
Appliance-x
Good control server
Unified endpoint manager
Workspaces
Workspaces appliance-x
Workspaces vapp
Enterprise mobility server
Unified endpoint management


Copyright 2020, cxsecurity.com

 

Back to Top